Cultivating Security: Debug Authentication for Ensuring the Security of SoC's Root of Trust

Abstract Hardware-assisted debugging provides the necessary infrastructure for developers, testers and many other teams to closely monitor program behaviors at the microarchitectural level in a system-on-chip (SoC). However, debug infrastructure jeopardizes the security of the design by providing a backdoor for accessing crucial assets embedded in the system because of the inevitable increase in observability. While trusted execution environments (TEE) provide an extra level of security and isolate design assets, the security implication of hardware debug integration on TEEs has not been investigated. In this paper, we introduce a multi-level bidirectional access authentication mechanism over the debug module that defines the minimum number of privilege levels needed and the access details at each level so that debug users are authorized and blocked from accessing assets private to other entities. Trust is established by exchanging certificates both from the debugger and SoC sides to implement a bidirectional authorization platform to restrict the debugger's access to SoC assets as well as prevent the debugger's test data from being accessed by an SoC impersonator through emulation. We provide a prototype of the debug authentication platform on RISC-V architecture that proves the small overhead of the approach while staying compatible with traditional RISC-V debug specifications. Our platform ensures SoC's assets' security while providing authorized users with necessary access.